Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
File:                     02QfqO0c_D2qI6qvjDp2_oftW6s.mft (raw, json)
Hash identifier:          dQQ8cW9RgHoUXC7wczYKc0rFYP6l1q3n+XUw9HUqaDw=
Subject key identifier:   7B:32:0D:32:4B:AD:87:9E:D0:73:4F:EA:74:B0:F2:C4:1B:46:FD:D5
Authority key identifier: D3:64:1F:A8:ED:1C:FC:3D:AA:23:AA:AF:8C:3A:76:FE:87:ED:5B:AB
Certificate issuer:       /CN=d3641fa8ed1cfc3daa23aaaf8c3a76fe87ed5bab
Certificate serial:       0199FEB46A2DF72DBCE627855C9B6BECAC63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
Manifest number:          0DB2
Signing time:             Sun 19 Oct 2025 23:01:00 +0000
Manifest this update:     Sun 19 Oct 2025 23:01:00 +0000
Manifest next update:     Mon 20 Oct 2025 23:01:00 +0000
Files and hashes:         1: 02QfqO0c_D2qI6qvjDp2_oftW6s.crl (hash: AQgD1QlQGrGg/ycCXyXrpQz2p7ttchV4Cs0dCSD9vkM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 23:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:b4:6a:2d:f7:2d:bc:e6:27:85:5c:9b:6b:ec:ac:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3641fa8ed1cfc3daa23aaaf8c3a76fe87ed5bab
        Validity
            Not Before: Oct 19 23:01:00 2025 GMT
            Not After : Oct 20 23:01:00 2025 GMT
        Subject: CN=7b320d324bad879ed0734fea74b0f2c41b46fdd5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:b7:a3:8b:dd:e0:27:26:1c:c2:74:e9:72:ff:
                    b5:19:b2:52:b4:48:f4:66:96:43:b8:0d:9e:f5:93:
                    64:0c:19:5f:80:f1:6d:65:73:36:c4:75:ce:8b:30:
                    4f:2e:32:30:4a:1b:56:a4:83:ec:a6:0b:ad:dc:7f:
                    52:8b:29:99:de:d1:e6:ae:4e:74:ad:b1:14:9c:fb:
                    e3:c7:7e:12:97:6b:ec:33:3e:8e:a8:04:8a:7e:b2:
                    09:a5:f3:7d:68:00:8b:c1:c4:c4:16:8c:61:9d:34:
                    0e:8b:39:62:d6:0d:de:83:89:e8:d9:c7:87:ec:89:
                    e8:92:ae:17:8a:36:e4:4e:d2:e4:e0:b6:e2:a8:b5:
                    5e:aa:21:bd:e7:9f:9c:83:54:6e:bd:c5:15:23:a5:
                    b6:1a:61:3b:b9:1f:f7:81:38:ee:5b:1f:5a:19:bf:
                    fd:eb:c2:be:27:02:0c:3d:92:ff:ba:26:f1:1c:41:
                    65:7a:7a:80:41:1b:23:5a:7b:a2:ae:58:3f:ca:50:
                    4b:30:dc:b5:36:98:e3:f7:ed:53:33:c2:09:16:e7:
                    4a:38:0b:fd:dd:e8:28:be:ec:8a:ef:57:3e:46:fa:
                    e8:c9:52:4e:be:d9:62:8c:0b:5a:e0:65:c2:13:9e:
                    4a:4b:31:46:8f:e1:74:77:be:fc:4c:0a:ee:03:ed:
                    26:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:32:0D:32:4B:AD:87:9E:D0:73:4F:EA:74:B0:F2:C4:1B:46:FD:D5
            X509v3 Authority Key Identifier:
                keyid:D3:64:1F:A8:ED:1C:FC:3D:AA:23:AA:AF:8C:3A:76:FE:87:ED:5B:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:42:0a:ea:7c:e4:d8:1c:af:94:17:93:84:98:12:da:9a:f5:
         60:ce:5e:5c:bd:49:c4:78:f3:c7:77:ed:ba:a0:ed:5e:ae:3e:
         37:bb:6b:8d:3f:2a:54:3f:fd:36:c1:12:ee:d5:e8:4c:dc:b7:
         43:c2:3b:f7:9f:3b:55:d8:fe:3d:e4:1c:a1:b6:88:17:58:6d:
         f5:b7:d9:94:85:41:53:03:fd:d1:40:b2:42:ac:24:22:f0:5d:
         18:44:94:13:42:f2:17:8a:37:48:92:6a:ac:99:94:55:1f:2e:
         d1:51:66:10:7a:4d:b3:40:6d:00:9f:90:0f:83:9a:8a:78:34:
         8f:00:28:92:21:c0:3c:fb:70:28:fd:72:64:92:3a:5e:15:29:
         ca:cc:ec:03:e7:bc:1f:a7:38:55:7d:74:bf:20:1f:7d:d2:22:
         04:37:4a:c6:af:60:1a:e1:5e:40:15:40:8b:dc:93:0f:e1:ec:
         3f:c3:ec:7e:82:b9:82:7c:de:aa:4a:c1:54:ca:fa:31:05:7a:
         02:1c:93:e7:7e:25:10:7c:32:e2:89:00:bd:7f:fb:d9:b4:44:
         88:a7:9c:bf:b6:57:6c:dd:95:86:52:a2:af:13:fc:d2:48:bb:
         45:a8:07:80:5d:ec:f3:dd:39:98:5d:1f:28:22:ee:84:3e:00:
         00:53:82:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+tGot9y285ieFXJtr7KxjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjQxZmE4ZWQxY2ZjM2RhYTIzYWFhZjhjM2E3NmZlODdl
ZDViYWIwHhcNMjUxMDE5MjMwMTAwWhcNMjUxMDIwMjMwMTAwWjAzMTEwLwYDVQQD
Eyg3YjMyMGQzMjRiYWQ4NzllZDA3MzRmZWE3NGIwZjJjNDFiNDZmZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7eji93gJyYcwnTpcv+1GbJStEj0
ZpZDuA2e9ZNkDBlfgPFtZXM2xHXOizBPLjIwShtWpIPspgut3H9SiymZ3tHmrk50
rbEUnPvjx34Sl2vsMz6OqASKfrIJpfN9aACLwcTEFoxhnTQOizli1g3eg4no2ceH
7Inokq4XijbkTtLk4LbiqLVeqiG955+cg1RuvcUVI6W2GmE7uR/3gTjuWx9aGb/9
68K+JwIMPZL/uibxHEFlenqAQRsjWnuirlg/ylBLMNy1Npjj9+1TM8IJFudKOAv9
3egovuyK71c+RvroyVJOvtlijAta4GXCE55KSzFGj+F0d778TAruA+0mrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHsyDTJLrYee0HNP6nSw8sQbRv3VMB8GA1UdIwQY
MBaAFNNkH6jtHPw9qiOqr4w6dv6H7VurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81OWQxMDktOGIwNi00ZGRkLWJjMjAt
OTk0MTk5MmM5YzI0LzEvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81OWQxMDktOGIwNi00ZGRkLWJjMjAtOTk0MTk5MmM5YzI0
LzEvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFEIK6nzk
2ByvlBeThJgS2pr1YM5eXL1JxHjzx3ftuqDtXq4+N7trjT8qVD/9NsES7tXoTNy3
Q8I79587Vdj+PeQcobaIF1ht9bfZlIVBUwP90UCyQqwkIvBdGESUE0LyF4o3SJJq
rJmUVR8u0VFmEHpNs0BtAJ+QD4Oaing0jwAokiHAPPtwKP1yZJI6XhUpyszsA+e8
H6c4VX10vyAffdIiBDdKxq9gGuFeQBVAi9yTD+HsP8PsfoK5gnzeqkrBVMr6MQV6
AhyT534lEHwy4okAvX/72bREiKecv7ZXbN2VhlKirxP80ki7RagHgF3s8905mF0f
KCLuhD4AAFOCgw==
-----END CERTIFICATE-----